> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
> >> * contextCSN LDAP control
> >>
> >> This is a LDAPv3 LDAP control. When the master
> propagates the
> >> operation, it puts the appropriate contextCSN value to the
> >> operation. If the backup server gots the contextCSN control,
> >> it uses the value rather than using lutil_csnstr().
> >
> >I see that this is a good idea when performing synchronous
> replication of
> >this type.
>
> It would be nice to have a control which allowed a client to
> provide NO-USER-MODIFICATION values to the servers. This would
> be particularly useful when inserting entries whose UUIDs, CSNs, etc.
> were created externally.
Sounds kinda like doing an end-run around the schema. But it definitely seems
to be necessary since we can't distinguish server-to-server traffic from
client-to-server traffic. How do we prevent this type of control from being
misused/abused?
-- Howard